Security Incidents mailing list archives

RE: Identify Method

From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Wed, 30 May 2001 13:02:41 -0400 (EDT)

On Wed, 30 May 2001, Jeff Peterson wrote:

Jeff has been tagged for th warez scene.  I had this happen to my FTP
server.  I finally had to make the whole site read-only.  I had the
very same passwords used, along with others, such as "uberdeleter".
Your address will appear on a site known to the warez people as SWAA.


to get an idea of the extent of this (anonymous ftpd writes for warez), do
a web search on 'test345':

        http://www.google.com/search?q=TEST345

in a nutshell, you'll find a lot of current and outdated warez sites
hitting a lot of places. it looks like some tools use this as their mkdir
test (ie mkdir TEST345).

hope this helps

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Current thread:

RE: Identify Method Ingersoll, Jared (May 30)
- Re[2]: Identify Method Joris De Donder (May 30)
- <Possible follow-ups>
- RE: Identify Method Jeff Peterson (May 30)
  - RE: Identify Method Jose Nazario (May 30)
  - RE: Identify Method John Spinks (May 31)
- RE: Identify Method Keith.Morgan (May 30)
- RE: Identify Method Bobby, Paul (May 30)